Depending on who you ask, some may argue that the 4IR is still on its way, while others believe South Africa is already engulfed in it. The reality is that as technology continues to evolve, it becomes an even more significant part of our daily lives. Moreover, technology also influences economic advancement, making it a major driving force for personal and business decisions.
A move toward a more connected world and or society has to be reinforced by a robust security strategy and governance thereof. Additionally, the pace at which technology continues to evolve shows no signs of slowing down and mandates the need for security solutions to protect technological platforms.
This, in turn, has compelled governments around the world to respond to threats emanating from digital platforms and influencing socio-political, economic, and state security. To better protect their citizens, governments need to practice better diplomacy when it comes to cyberwarfare since lack of cooperation ends up aiding the malicious intent of the hackers.
Considering the current global geopolitical landscape, should South African organizations be concerned about state-sponsored cyber-attacks?
The purpose of this document is to highlight the significant and ever-evolving role of cybersecurity in global politics. Cybersecurity is and will continue to be one of the main threats to national security, public safety, and economic challenges every nation faces as the shift continues toward a more connected and advanced world, ultimately having a significant impact on globalization.
Continued advancements in technology and the rise of networked machines have led to what can be considered a ‘dramatic’ change to social interaction. Furthermore, these advances have important implications for security, considering that digital connectivity has both positive and negative connotations. In fact, in some cases, these issues can alter the distribution of power.
There is no denying the fact that technological improvement is continuous and ubiquitous, with each advancement impacting how we communicate and interact with the world.
State-sponsored attacks are also referred to as Cyberwarfare. These attacks are maliciously carried out with the intent to cause harm, the impact of which is quite comparable to actual warfare. The intention may be to drive a political agenda, gain a competitive advantage or respond to human rights violations.
South African organizations need to consider these threats when designing their Cyber resilience strategy. Still, the ultimate onus is on the ruling party to provide the economic and political climate that fosters mutual development and advancement among countries. ‘DIRCO’s mission is to formulate, coordinate, implement and manage South Africa’s foreign policy and international relations programs, promote South Africa’s national interest and values and the African Renaissance (and create a better world for all).’
The last decade has seen radical changes influenced by technology. For example, #Guptaleaks highlighted the level of corruption and the private sector’s role in swaying the perceptions among citizens. Bell Pottinger was instrumental in using digital platforms to drive a divide among different racial groups in SA by their intentional manipulation of current affairs that led to the phrase #fakenews. Donald Trump’s campaign also had elements of manipulation through targeted advertising and campaigns. His legacy also includes harvesting the personal data of Americans on social media platforms.
As highlighted in the Economist Feb 2019 edition, data has surpassed oil as the world’s most valuable resource. This represents both a unique opportunity and risk for those who store, process, and manage it. Those who are entrusted with personal information need to ensure its confidentiality, integrity, and availability. As highlighted above, if used by people with malicious intent, it can have far-reaching dire consequences.
Advancements in and the adoption of certain laws and regulations governing data have led to The General Data Protection Regulation (GDPR) ‘, a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the export of personal data outside the EU and EEA. This law makes organizations accountable for the protection of personal data referring to the handling, collection, processing, and storage of information that could lead to the identification of an individual.
GDPR also applies to South African companies that sell products or provide services to EU citizens. Failure to comply with its rules can result in a fine of 4% of a company’s global revenue or €20m, whichever is greater.
In summary, South African organizations need to prioritize the risks posed by state-sponsored attacks. The shift toward the fourth industrial revolution is primarily driven by data and a nation’s ability to extract value for financial, political, or social gain.
Organizations with headquarters in SA and multinational companies with branches here need to prioritize risk mitigation to ensure their platforms aren’t compromised or pose a financial risk for noncompliance. The global political and social climate remains strained as different organizations attempt to gain a competitive edge or claim espionage.
For example, the US placed sanctions on Chinese manufacturer Huawei, claiming that they spy on Americans. And that’s just the start because, in the long run, there will be further casualties. This will lead to continued emphasis on Cyberwarfare in retaliation.
On the other hand, under the Trump administration, the US has reportedly launched sophisticated Cyber Attacks against Iran in response to an attack on oil tankers. The attack was allowed to go forward because it was intended to be below the threshold of armed conflict — using the same shadow tactics that Iran has deployed.
DDoS attacks have become more prominent on the African continent, ultimately limiting the availably of online services. These attacks are sophisticated, with the majority originating in the US, Russia, and China. As long as the diplomacy among ‘the developed’ world remains strained, local and multinational firms will be subject to high risk.
Unathi Mothiba
Snr Product Manager Cyber Security
